Regular openthread upmerge to 49c59ec
#140
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
For the Spinel layer, when the state is transmitting, if the received Spinel frame fails parsing, the current implementation passes the `OT_ERROR_PARSE` error code to the sub_mac layer via the tx done handler. This causes an assert because the error code `OT_ERROR_PARSE` is not a valid one for `SubMac::HandleTransmitDone`. Additionally, I believe that when the received Spinel frame fails parsing, we should not trigger a transmit done to the sub_mac layer, as the `TxFrame` and the `AckFrame` may not be valid for further processing. In this corner case, I suggest considering ignoring the parsing-failed received packets, waiting for the tx timeout, and then raising a tx timeout failure to recover the RCP. This might be a reasonable approach.
…nabled (#9794) This could simplify the build configuration by omitting `OPENTHREAD_CONFIG_BORDER_AGENT_ID_ENABLE`.
…nt (#9694) This commit introduces a new feature in `SecureTransport` and `CoapSecure` that allows us to specify the maximum number of allowed connection attempts before the socket is automatically closed and the CoAP agent is stopped. This can be used to enhance security by preventing attacks and excessive retries. This commit also adds a callback mechanism to notify when the limit is reached and the CoAP agent is stopped.
The IPv4-mapped IPv6 address is useful in certain platform/public APIs where we need to support both IPv6 or IPv4 address. We can use IPv4-mapped IPv6 address to represent an IPv4 address. This commit adds simple helper functions to validate, create and parse such addresses.
…#9803) This commit contains the following - It fixes `SecureTransport` to ensure we do the max connection attempt check when transitioning from `kStateCloseNotify`. - It adds new public `otCoapSecure` APIs to start the agent with a given max connection attempts, and to check the agent's state, whether it is connected, connecting or closed. - It adds CLI commands under `coaps` for the new APIs. - It adds `test-026-coaps-conn-limit.py` to validate the max connection attempt limit of CoAP secure agent.
There are two changes: 1. Address the issue of handling tx timeout in case of multipan enabled. When RCP recovery initiates due to a timeout, the SPINEL attempts to transition to the Rx state and switch channels to initialize the RCP. However, these actions should be ignored when operating as Multiprotocol RCP, as another host/protocol might be scanning, and encountering the Rx state or channel switch could result in an error. Considering such scenarios, ignore the error rather than assert it for multipan. 2. Make the CMake option OT_MULTIPAN_RCP depend on the compile time value OPENTHREAD_CONFIG_MULTIPAN_RCP_ENABLE, rather than being initialized to OFF.
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.22.5 to 3.23.2. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@74483a3...b7bf0a3) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
In #9554, a new radio capability is introduced: `RX_ON_WHEN_IDLE`. On the RCP scenario, if recoverd, there will be an error: ``` OPENTHREAD:[W] P-RadioSpinel-: Error processing result: NotImplemented OPENTHREAD:[W] P-RadioSpinel-: Error waiting response: NotImplemented ``` When set the rx on when idle on Host to RCP, no `Set property handler` will be found due to the target handler was surround by the macro `OPENTHREAD_MTD || OPENTHREAD_FTD`. This `rx on when idle` capability should not only be used for MTD and FTD, but also used for RADIO on a NCP. This PR fixes it.
…9814) While trying to read the Pskc or networkkey, we check if the keyref is valid. We instead need to check if the key is present. There is a possibility that the persistent data was erased before trying to read the key, which might result in asserts.
urrently the `RadioSpinel::RestoreProperties` only restores some properties defined in `spinel.h`. But if `OPENTHREAD_SPINEL_CONFIG_VENDOR_HOOK_ENABLE` is selected, users may set some properties of RCP via vendor command. So the radio spinel should allow users to register a callback to restore the vendor properties of RCP.
… (#9807) This commit updates how the `NetworkData::Publisher` handles "DNS/SRP Service Unicast Address" entries. Specifically, when a "DNS/SRP Service Anycast" entry is added by another BR, the publisher will set the desired count of unicast entries to zero. This effectively removes any previously added unicast entry. This new behavior is only applied when the address and port are included in the Server TLV data in a "DNS/SRP Service Unicast Address" entry. The `test_netdata_publisher` has been updated to verify this new behavior.
This commit introduces the `ClearAllBytes<ObjectType>()` template function to zero out all bytes within an object. This replaces `memset(0)` calls in OT core modules, simplifying code and improving safety by automatically using the correct object size.
…time (#9822) This commit fixes `DiscoveredPrefixTable::Entry::IsDeprecated()` to properly handle larger preferred lifetime values. It uses the method `CalculateExpireDelay()` to handle time delay calculation, avoiding overflow. The `test_routing_manager` test has also been updated to check for larger preferred/valid lifetime values.
The IPv6 packets received from host is from a different network stack, which is untrusted.
This commit always delivers multicast traffic to host. Without this change, host will not be able to receive link-local and mesh-local multicast traffic, even the host subscribes to some multicast addresses in these scopes. Note that this does not change the host forwarding rules, as link-local and mesh-local traffic are not supposed to be forwarded to adjacent links.
There's no clear use case for looping back packets to host. And it would probably result in host processing duplicate messages. This commit disables looping packets back to host.
This commit moves the check for rule 1 on preferring same address as the destination before the `(bestAddr == nullptr)` check. This ensures that rule 1 will be correctly applied even when the address happens to be first one in the `GetUnicastAddresses()` list.
…(#9831) Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.6.1 to 2.7.0. - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](step-security/harden-runner@eb238b5...63c24ba) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…t stack (#9815) This commit updates mesh-local addresses to be marked as preferred (reverting the change from #6532). This ensures that mesh-local addresses are not skipped over in `Ip6::SelectSourceAddress()`. The intention behind #6532 was to ensure that mesh-local addresses, when added to the platform host IPv6 stack (such as lwIP or the Linux kernel), are not preferred and therefore not selected by the host stack as the source address of application layer traffic unless explicitly assigned. This PR delegates this responsibility to the platform code and updates `posix/platform/netif` to change the preferred flag for mesh-local addresses when adding them on the platform IPv6 stack. To make this easier, the `otIp6AddressInfo` is updated to include `mMeshLocal` to indicate whether or not the address is mesh-local. `otNetifAddress` already provides such a variable.
This commit simplifies `Ip6::SelectSourceAddress()` by adding a new boolean `newAddrIsPreferred` tracking whether the new address is preferred over the previously chosen one as we iterate over all addresses.
Adds TCAT client implementation for BLE transport. Signed-off-by: Piotr Jasinski <[email protected]> Co-authored-by: Przemyslaw Bida <[email protected]>
…#9268) This commit adds a generic SRP Advertising Proxy implementation to OpenThread core, which uses a set of newly defined `otPlatDnssd` platform APIs for DNS-SD (mDNS) support on infrastructure network on a Border Router. `Srp::Server` provides `ServiceUpdateHandler` callback mechanism that allows platforms to implement their own advertising proxy function. While this is still supported, the new generic advertising proxy implementation makes it easier to port and support the proxy function on new platforms. The platform needs to provide the DNS-SD platform APIs, which are designed to be simple and easy to implement. The `AdvertisingProxy` directly interacts with `Srp::Server` and its registered `Host` and `Service` entries, tracking whether an entry has been successfully advertised, is currently being advertised, or has been replaced by a new registration. The `AdvertisingProxy` ensures that consecutive SRP updates for the same host or service are committed on the server in the order they are received, even if their advertisements are finished in a different order. This is important for SRP Replication support, as the server may receive a large number of SRP updates back-to-back for the same host. The `AdvertisingProxy` will also register key records for SRP host and service instance names. This will keep the claim on the name of a removed entry while its key lease is not expired. It is also used when an SRP host registration has no off-mesh routable address. This commit adds a detailed unit test `test_srp_adv_proxy` that validates the `AdvertisingProxy` under many scenarios. The test covers a range of cases, including delayed registration callbacks and timeouts, new registrations replacing outstanding advertisements, platform DNS-SD state changes and failures, host address changes adding/removing OMR addresses.
…s (#9842) Bumps [grpcio](https://github.com/grpc/grpc) from 1.53.0 to 1.53.2. - [Release notes](https://github.com/grpc/grpc/releases) - [Changelog](https://github.com/grpc/grpc/blob/master/doc/grpc_release_schedule.md) - [Commits](grpc/grpc@v1.53.0...v1.53.2) --- updated-dependencies: - dependency-name: grpcio dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4.7.1 to 5.0.0. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](actions/setup-python@65d7f2d...0a5c615) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Currently the the data poll timer is used to maintain synchronization with the parent. It sends a data poll once per csl timeout. However often this is not necessary as other packets that are sent cause synchronization to be maintained. This commit resets the data poll timer each time a frame containing the csl ie is successfully transmitted.
This commit moves the `mBackboneRouterLocal` before `mMleRouter` in `Instance` class to ensure that it is initialized and its constructor is called before. This ensures when `Mle()` constructor invokes the `ApplyNewMeshLocalPrefix()` method on `BackboneRouter::Local`, it is already initialized.
This commit implements address deprecation mechanism in `Slaac` class. When a prefix is removed from Network Data, its corresponding SLAAC address is not removed immediately. Instead, it is marked as deprecated and its "preferred" flag is set to false. After a deprecation interval (300 seconds), the deprecated address is removed. If the prefix is re-added to Network Data before the deprecation time elapses, the SLAAC address is also reinstated. Since the number of SLAAC address entries is limited, non-deprecated addresses are prioritized. This means that if a new entry is required for a new prefix, the earliest deprecating entry can be evicted to accommodate the new entry. The `Slaac` module keeps track of the associated Domain IDs for deprecating SLAAC prefixes, even if the related Prefix TLV has already been removed from the Network Data. This information is used during external route lookup in `NetworkData::Leader::RouteLookup()` if a deprecating SLAAC address is used as the source address in an outbound message, ensuring that the message is not dropped and can be delivered. This commit also adds a detailed test `test-027-slaac-address.py` validating various behaviors of SLAAC module.
Currently mbedtls debug logging can only be set for builtin mbedtls. With an external mbedtls the log level does not get configured. This commit removes the builtin requirement.
rlubos
approved these changes
Feb 15, 2024
edmont
approved these changes
Feb 15, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.